X

Comment Deadline Set for SEC Proposal to Expand Application of Reg SCI

Comments are due by June 13, 2023 for the SEC's proposed expansion of the scope of Regulation Systems Compliance and Integrity ("Reg SCI") to cover, among other entities, broker-dealers defined by various measures of size. The comment deadline was published in the Federal Register.

As previously covered, the proposed amendments to Reg SCI would:

  • expand the scope of the term "SCI entities" to cover (i) SEC-registered broker-dealers that exceed either a total assets threshold or a transaction activity threshold taking into account certain financial products including NMS stocks, Treasury securities and exchange-listed options, (ii) registered security-based swap data repositories ("SBSDRs") and (iii) exempt clearing agencies;
  • require an SCI entity's relevant policies and procedures to include a program to "manage and oversee" third-party providers, including cloud services providers, that "provide or support SCI or indirect SCI systems";
  • require that an SCI entity (i) establish a business continuity and disaster recovery plan that accounts for the unavailability of any third-party provider "without which there would be a material impact on critical SCI systems" and (ii) include important third-party providers in annual business continuity and disaster recovery testing;
  • provide that an SCI entity must establish a program to "prevent unauthorized access to SCI systems and information";
  • include in the definition of "systems intrusion" additional cyber events (e.g., distributed denial-of-service attacks) and require that SCI entities notify the SEC of such systems intrusions without delay;
  • revise the SCI review to "specify that objective personnel assess the risks to covered systems, internal control design and operating effectiveness, and third-party provider management risks and controls, and require penetration testing at least annually" and
  • update Reg SCI's recordkeeping requirements and Form SCI in accordance with the proposed amendments' requirements.

Primary Sources

  1. 88 FR 23146: SEC Rule Proposal: Regulation Systems Compliance and Integrity

Related Articles

  • SEC Proposes Expanded Application of Reg SCI

    The SEC proposed amendments to Regulation Systems Compliance and Integrity that would expand the scope of the regulation to cover, among other entities, large broker-dealers, as defined by various measures of size.

Premium Content

Available only to Premium subscribers.

 

Join Premium

US Regulatory Intelligence combines regulatory and enforcement news, analysis, and practical work tools on an easy-to-use digital platform.

Request a Free Trial

Tags

Regulated Activities
Technology (not Cyber) Trading
Regulated Entities
Markets
Sub-Entity
Clearing Organizations, SDRs/SBSDRs
Body of Law
Securities Law
Jurisdiction
US - Federal
Organization
SEC